Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Remove XSS vulnerability on the main page
Before there was no protection stopping users from submitting their own HTML including JavaScript functions. This could allow attackers to steal sensitive information like session cookies, or just to deface the page by changing page-wide CSS rules.
- Loading branch information